jQuery load method: loading foreign domain?

Question

hey guys, is it possible to load a foreign website into a div of my page with the jQuery load method?

$('#content').load('http://www.somedomain.com/server/whatever/file.php');

it's not working for me!

regards matt

Answer 1

From the jQuery.load page:

Due to browser security restrictions, most "Ajax" requests are subject to the same origin policy; the request can not successfully retrieve data from a different domain, subdomain, or protocol.

Same origin policy

Answer 2

You can't due to security restrictions in the browser. Use a proxy.

http://developer.yahoo.com/javascript/howto-proxy.html

Answer 3

As @Giorgi says, cross site calls are often blocked due to security restrictions. However, if the remote site returns JSONP the call will most likely work.

For other calls you have to call on a page on your own site. And that page could veru well be a proxy which fetches the requested url on the backend instead.

$('#content').load('/myproxy.handler?url=http://www.somedomain.com/server/whatever/file.php');

Answer 4

You might be able to work around the security restriction described by @Giorgi using a PHP-based proxy script.

proxy.php

<?php
if( isset( $_GET['url'] ) ) {
 # Get the Referred URL
  $raw = file_get_contents( $_GET['url'] );
 # RegExp to Strip All Script tags and/or links with Javascript in them.
  $safe = preg_replace( '/<script[^>]*>.*<\/script>|[\"\']javascript:.*[\"\']/im' , '' , $raw );
  echo $safe;
} else {
  echo 'No URL Set';
}

Then use the jQuery load action to call pages like proxy.php?url=http%3A//www.google.com/

Not, the preg_replace() action is just a rough draft - you would want to do some major testing and tweaking to ensure that you prevent people from messing with your site this way.